12 | | if ( !function_exists('wp_check_filetype') ) : |
13 | | function wp_check_filetype($filename, $mimes = null) { |
14 | | // Accepted MIME types are set here as PCRE unless provided. |
15 | | $mimes = is_array($mimes) ? $mimes : array ( |
16 | | 'jpg|jpeg|jpe' => 'image/jpeg', |
17 | | 'gif' => 'image/gif', |
18 | | 'png' => 'image/png', |
19 | | 'bmp' => 'image/bmp', |
20 | | 'tif|tiff' => 'image/tiff', |
21 | | 'ico' => 'image/x-icon', |
22 | | 'asf|asx|wax|wmv|wmx' => 'video/asf', |
23 | | 'avi' => 'video/avi', |
24 | | 'mov|qt' => 'video/quicktime', |
25 | | 'mpeg|mpg|mpe' => 'video/mpeg', |
26 | | 'txt|c|cc|h' => 'text/plain', |
27 | | 'rtx' => 'text/richtext', |
28 | | 'css' => 'text/css', |
29 | | 'htm|html' => 'text/html', |
30 | | 'mp3|mp4' => 'audio/mpeg', |
31 | | 'ra|ram' => 'audio/x-realaudio', |
32 | | 'wav' => 'audio/wav', |
33 | | 'ogg' => 'audio/ogg', |
34 | | 'mid|midi' => 'audio/midi', |
35 | | 'wma' => 'audio/wma', |
36 | | 'rtf' => 'application/rtf', |
37 | | 'js' => 'application/javascript', |
38 | | 'pdf' => 'application/pdf', |
39 | | 'doc' => 'application/msword', |
40 | | 'pot|pps|ppt' => 'application/vnd.ms-powerpoint', |
41 | | 'wri' => 'application/vnd.ms-write', |
42 | | 'xla|xls|xlt|xlw' => 'application/vnd.ms-excel', |
43 | | 'mdb' => 'application/vnd.ms-access', |
44 | | 'mpp' => 'application/vnd.ms-project', |
45 | | 'swf' => 'application/x-shockwave-flash', |
46 | | 'class' => 'application/java', |
47 | | 'tar' => 'application/x-tar', |
48 | | 'zip' => 'application/zip', |
49 | | 'gz|gzip' => 'application/x-gzip', |
50 | | 'exe' => 'application/x-msdownload' |
51 | | ); |
| 12 | _deprecated_file( basename( __FILE__ ), '3.0', null, sprintf( __( 'Change your rewrite rules to use <code>%1$s</code> instead of <code>%2$s</code>.' ), 'wp-includes/ms-files.php', 'wp-content/blogs.php' ) ); |
56 | | foreach ( (array)$mimes as $ext_preg => $mime_match ) { |
57 | | $ext_preg = '!\.(' . $ext_preg . ')$!i'; |
58 | | if ( preg_match($ext_preg, $filename, $ext_matches) ) { |
59 | | $type = $mime_match; |
60 | | $ext = $ext_matches[1]; |
61 | | break; |
62 | | } |
63 | | } |
64 | | |
65 | | return compact('ext', 'type'); |
66 | | } |
67 | | endif; |
68 | | |
69 | | $file = BLOGUPLOADDIR . str_replace( '..', '', $_GET[ 'file' ] ); |
70 | | if ( !is_file( $file ) ) { |
71 | | status_header( 404 ); |
72 | | die('404 — File not found.'); |
73 | | } |
74 | | |
75 | | $mime = wp_check_filetype( $_SERVER[ 'REQUEST_URI' ] ); |
76 | | if( $mime[ 'type' ] === false && function_exists( 'mime_content_type' ) ) |
77 | | $mime[ 'type' ] = mime_content_type( $file ); |
78 | | |
79 | | if( $mime[ 'type' ] != false ) { |
80 | | $mimetype = $mime[ 'type' ]; |
81 | | } else { |
82 | | $ext = substr( $_SERVER[ 'REQUEST_URI' ], strrpos( $_SERVER[ 'REQUEST_URI' ], '.' ) + 1 ); |
83 | | $mimetype = "image/$ext"; |
84 | | } |
85 | | @header( 'Content-type: ' . $mimetype ); // always send this |
86 | | if ( false === strpos( $_SERVER['SERVER_SOFTWARE'], 'Microsoft-IIS' ) ) |
87 | | @header( 'Content-Length: ' . filesize( $file ) ); |
88 | | |
89 | | // Optional support for X-Sendfile and X-Accel-Redirect |
90 | | if ( defined('WPMU_ACCEL_REDIRECT') && WPMU_ACCEL_REDIRECT ) { |
91 | | @header( 'X-Accel-Redirect: ' . str_replace( WP_CONTENT_DIR, '', $file ) ); |
92 | | exit; |
93 | | } elseif ( defined('WPMU_SENDFILE') && WPMU_SENDFILE ) { |
94 | | @header( 'X-Sendfile: ' . $file ); |
95 | | exit; |
96 | | } |
97 | | |
98 | | $last_modified = gmdate('D, d M Y H:i:s', filemtime( $file )); |
99 | | $etag = '"' . md5($last_modified) . '"'; |
100 | | @header( "Last-Modified: $last_modified GMT" ); |
101 | | @header( 'ETag: ' . $etag ); |
102 | | @header( 'Expires: ' . gmdate('D, d M Y H:i:s', time() + 100000000) . ' GMT' ); |
103 | | |
104 | | // Support for Conditional GET |
105 | | if (isset($_SERVER['HTTP_IF_NONE_MATCH'])) |
106 | | $client_etag = stripslashes($_SERVER['HTTP_IF_NONE_MATCH']); |
107 | | else |
108 | | $client_etag = false; |
109 | | |
110 | | if( !isset( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) ) |
111 | | $_SERVER['HTTP_IF_MODIFIED_SINCE'] = false; |
112 | | $client_last_modified = trim( $_SERVER['HTTP_IF_MODIFIED_SINCE']); |
113 | | // If string is empty, return 0. If not, attempt to parse into a timestamp |
114 | | $client_modified_timestamp = $client_last_modified ? strtotime($client_last_modified) : 0; |
115 | | |
116 | | // Make a timestamp for our most recent modification... |
117 | | $modified_timestamp = strtotime($last_modified); |
118 | | |
119 | | if ( ($client_last_modified && $client_etag) ? |
120 | | (($client_modified_timestamp >= $modified_timestamp) && ($client_etag == $etag)) : |
121 | | (($client_modified_timestamp >= $modified_timestamp) || ($client_etag == $etag)) ) { |
122 | | status_header( 304 ); |
123 | | exit; |
124 | | } |
125 | | |
126 | | // If we made it this far, just serve the file |
127 | | |
128 | | readfile( $file ); |
129 | | |
130 | | ?> |
| 17 | ?> |
| 18 | No newline at end of file |